Sr. Software Engineer (Security) - Portugal

Posted 3 days agoViewed

💎 Seniority level: Senior, 5+ years

📍 Location: Portugal

💸 Salary: 70000.0 - 90000.0 EUR per year

🔍 Industry: Benefit solutions

🏢 Company: Lively👥 501-1000💰 $7,000,000 Debt Financing over 12 years agoWireless Mobile Health Care Software

🗣️ Languages: English

⏳ Experience: 5+ years

🪄 Skills: Node.jsPostgreSQLAgileJavascriptTypeScript

5+ years of experience working with information security and web applications (Node preferred).
Bachelor's degree in computer science, or equivalent.
Fluent in both written and spoken English, with strong communication skills.
Experience and proficiency with information security frameworks and approaches like CIS and NIST.
Familiarity with PKI, encryption, mutual TLS, cipher suites, and other network- and disk-level data protection protocols, tools, and configurations.
Experience performing software security reviews and implementing security solutions at the business division level.
Experience with application security best practices and familiarity with common vulnerabilities (e.g., SQLi, SSRF, race conditions, access controls, privilege escalations, etc.).
Experience working in regulated industries which have various security controls implemented including strict change management is a plus.
Strong knowledge in software design and familiarity with design patterns.
Experienced with TypeScript, Javascript, and Node.js.
Strong fundamental understanding of relational DataBase (Postgresql, Mysql).
Strong debugging skills.
Strong product delivery records.
Experience with Agile/Scrum development methodology.

Work to ensure Lively is constantly utilizing the most recent standards, tools, and tech to ensure proper defense in depth.
Help the product and engineering org discover and mitigate information security risks for new products and features.
Work with the Head of Security to further refine infosec policies and their controls.
Identify and lead the secure design and implementation of new security initiatives and improvements to the existing web application.
Help ensure our application is free of vulnerabilities by keeping third party dependencies patched.
Help identify, investigate, and mitigate security incidents involving our web application.
Assist with security incident postmortems and root cause analysis.
Identify and model new and existing threats to our web application.
Provide security mentorship and outreach to internal development teams.
Review high-risk changes to the web application.